CVE-2018-12994
CVE-2018-12994 affects OneFileCMS (onefilecms.php) up to version 2012-04-14. The vulnerability allows an attacker to execute arbitrary PHP code by supplying a ".php" filename on the New File screen, due to improper handling in the file creation workflow. Multiple connected sources corroborate the...